package com.zy.shiro;


import com.zy.domain.User;
import com.zy.service.UserService;
//import com.zy.common.ActiverUser;
import com.zy.shiro.domain.SysUser;
import com.zy.shiro.service.SysUserService;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Component;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

@Component
public class UserRealm extends AuthorizingRealm {

  @Autowired
  private SysUserService sysUserService ;

//  @Autowired
//  private RedisTemplate redisTemplate;
  /**
   * 做授权
   * 授权可能会运行多次
   * @param principals
   * @return
   */
  @Override
  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    SysUser sysUser = (SysUser) principals.getPrimaryPrincipal();
//    Set<String> o = (Set<String>) redisTemplate.opsForValue().get("AUTH_PERMIS" + sysUser.getId());
    SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
    List<Long> roleIdList = sysUser.getRoleIdList();
    List<String> permissions = new ArrayList<String>();
    Set<String> roles=new HashSet<String>();
    for (Long roleId : roleIdList) {
//     permissions.add(roleId.toString());
      roles.add(roleId.toString());
    }
//    simpleAuthorizationInfo.addRoles(roles);
    simpleAuthorizationInfo.addStringPermissions(permissions);
//    for (Role role : user.getRoles()) {
//      // 添加角色
//      simpleAuthorizationInfo.addRole(role.getRoleName());
//      for (Permission permission : role.getPermissions()) {
//        // 添加权限
//        simpleAuthorizationInfo.addStringPermission(permission.getPermission());
//      }
//    }

//    simpleAuthorizationInfo.setStringPermissions(o);
    return  simpleAuthorizationInfo;
  }

  /**
   * 做登录
   * 用户登录一次
   * @param token
   * @return
   * @throws AuthenticationException
   */
  @Override
  protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    // token 里面包含用户名
    String username = token.getPrincipal().toString();
    // 通过用户名查询用户
    SysUser sysUser = sysUserService.findUserByusername(username);
    if(sysUser==null){ // 用户名不存在
      return  null ; // shiro 会处理null的情况，底层会抛一个用户不存在的异常
    }
//    ActiverUser activerUser=new ActiverUser();
//    // 查询角色
//    activerUser.setRoles(this.sysUserService.queryRoleByUserId(sysUser.getUserId()));
//    // 查询权限
//    activerUser.setPermissions(this.sysUserService.queryPermissionByUserId(sysUser.getUserId()));


//    // 屏蔽用户的私人信息后，把用户给它
//    sysUser.setEmail("*******");
    ByteSource byteSource = ByteSource.Util.bytes("whlcrz"); // sysUser.getSalt()

    return new SimpleAuthenticationInfo(sysUser,sysUser.getPassword(),byteSource,sysUser.getUserName());
  }
}

